Spectracom products running LINUX are only susceptible if an attacker is able to successfully authenticate with the product and gain shell access. This Linux vulnerability can only be exploited if an attacker is able to successfully authenticate with the product and gain shell access. We eliminated the vulnerability in the 5.7.0 release for SecureSync and NetClock 9400.

Spectracom products are only susceptible if an attacker can successfully authenticate with the product and gain command line shell access. Malware is required to be run locally within the system to exploit these vulnerabilities. Spectracom recommends following good security practices, including applying software updates containing the latest security patches as they become available, and applying policies and settings that protect and limit access to authorized and trusted users. We are working to update our operating systems and software as they become available to resolve these potential vulnerabilities within the affected products. We will update this bulletin as new information becomes available.